Bitcoin Forum
Topic: HD wallet question
btcstudmuffin
March 16, 2018, 03:16:13 PM
 #1

Hey folks!

I'm working on the backend for a service that will require users to be able to deposit BTC. We're using cold storage for most of the coin, so these are just for deposits that should realistically then be moved elsewhere.

My current plan is to go with an HD wallet so we can easily generate new per-transaction addresses server-side.

Because you won't be able to spend from these addresses, the tree will look something like M/44'/0'/account'/change/index/

I guess my question is... for the sake of security, should I just be pre-generating a bunch of account' xpubkeys offline and storing them in a table to assign to users as they join? Or is there a way to safely generate the account/change/index/ part of the tree server-side?

I want to obviously assign each user with a unique branch to avoid jumping the gap when generating addresses that won't necessarily receive deposits right away.
achow101
March 16, 2018, 05:50:07 PM
 #2

Since account' is a hardened derivation path, you cannot generate it server side without having the master private key also be server side. So you can either make it unhardened (thus only storing the public key for m/44'/0') or just generate a lot of xpubs for each account and regularly refresh the available xpubs manually.

btcstudmuffin
March 16, 2018, 06:59:47 PM
 #3

Awesome, thanks for that. I had been contemplating just generating a bunch of xpubs manually since I only need one per account... seems like that's not a totally crazy idea.

Would it be risky to have account be un-hardened considering that this wallet will never be used for payments? (except for consolidating and moving to other cold storage wallets)

Do you know how various exchanges/etc. deal with this issue?
achow101
March 16, 2018, 08:21:30 PM
 #4

> Would it be risky to have account be un-hardened considering that this wallet will never be used for payments? (except for consolidating and moving to other cold storage wallets)

Unhardened derivation is only risky if someone is able to learn the xpub and any of the child private keys. In that case, the xpriv corresponding to the xpub can be derived. So if you think your security of the private keys is good enough, then unhardened is fine.

> Do you know how various exchanges/etc. deal with this issue?
I don't think exchanges generally have separate accounts like that dedicated to each user.
